RSA decryption coming out backwards, Javascript -> perl
I am attempting to take a password from a form, encrypt it with RSA in JavaScript and submit the form.
When the form is received by the Perl code, it will then decrypt the password. I've been able to get the JavaScript and the Perl using the same RSA key, and I can decrypt messages encrypted in JavaScript with JavaScript, and messages encrypted in Perl with Perl.
The next step is to encrypt in JavaScript and decrypt in Perl. After a lot of frustration I'm almost there, however the decrypted string is backwards:
Clear Text Here!
Gets encrypted in JavaScript, then submitted via POST. Perl then attempts to decrypt, and the following is created:
������������������������������������������������ereh txet raelC
As you can see, it's backwards. The weird characters are a result of the JavaScript library padding out the string with 0's.
I suspect this may have to do with endianness, but my experiments to that end so far create gobbledygook.
I'm using the Perl package Crypt::OpenSSL::RSA, and the JavaScript RSA and related math libraries written by Dave Shapiro found here: http://ohdave.com/rsa/
The JavaScript RSA library returns its value as a decimal representation of the binary. I feed this to a Crypt::OpenSSL::Bignum object to convert it back into binary for the Perl code to use.
The encryption code is:
    function doEncryption(key, ptextID, ctextID) {
        $(ctextID).val("Encrypting...");
        $(ctextID).val(encryptedString(key, $(ptextID).val()));
    }
And the decryption code is:
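    use Crypt::OpenSSL::RSA;
    use Crypt::OpenSSL::Bignum;

    sub java_decrypt {
        my $message = shift;    # space-separated decimal blocks from the JavaScript side
        my $rsa = shift;        # Crypt::OpenSSL::RSA object holding the private key
        $rsa->use_no_padding();
        my @blocks = split ' ', $message;
        my $decmessage = "";
        foreach my $block (@blocks) {
            # Convert the decimal string back into the raw binary ciphertext
            my $bitz = Crypt::OpenSSL::Bignum->new_from_decimal($block);
            $decmessage .= $rsa->decrypt($bitz->to_bin());
        }
        $rsa->use_pkcs1_oaep_padding();
        #$decmessage = reverse $decmessage;
        #$decmessage =~ s/\0//g;
        return($decmessage);
    }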
The two lines commented out at the end will correct the issues with the decryption being backwards and padded, but I don't know that I trust it. If encrypted in Perl, it comes out the correct way, so if there is a better way to solve this (switch the endianness of the binary string?) I would much prefer that.
I've tried to swap the endianness with pack, but this has only rewarded me with gibberish. And just in case it's asked, the string concatenation of the decrypted message does not come into play, as the message is in a single 64-byte block currently.
Do you have a compelling reason not to just use a simple hashing algorithm like sha256 encrypt the whole session via TLS (SSL) rather than attempting to do something overly complex with RSA at this level?
Also, I have only a passing familiarity with JavaScript, but I'm pretty sure it's returning a hex value, not a decimal. Are you absolutely sure it's decimal?
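The byte-order effect described in the question, reproduced as an added example (not code from either poster or from the ohdave.com library). It assumes the client packs the first character into the least significant byte and leaves the rest of the block zero, which is what the output on the page shows; the key is a constructed toy key and all function names are hypothetical.

```javascript
// Added illustration; not the ohdave.com library or the poster's code.
// Assumption: the client stores character i in byte i of a little-endian
// integer and leaves the unused high bytes zero (matches the page's output).
// Constructed toy key built from two Mersenne primes; for demonstration only.
const P = 2n ** 521n - 1n, Q = 2n ** 607n - 1n;
const N = P * Q, E = 65537n;
function modPow(base, exp, mod) {
  let result = 1n;
  for (base %= mod; exp > 0n; exp >>= 1n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
  }
  return result;
}
function modInverse(a, m) {            // extended Euclid
  let [r0, r1, s0, s1] = [a, m, 1n, 0n];
  while (r1 !== 0n) {
    const q = r0 / r1;
    [r0, r1, s0, s1] = [r1, r0 - q * r1, s1, s0 - q * s1];
  }
  return ((s0 % m) + m) % m;
}
const D = modInverse(E, (P - 1n) * (Q - 1n));

// Client side: the first character lands in the least significant byte.
function packLittleEndian(text) {
  let value = 0n;
  for (let i = 0; i < text.length; i++)
    value |= BigInt(text.charCodeAt(i) & 0xff) << BigInt(8 * i);
  return value;
}
// Server side: a raw (no padding) decrypt hands back big-endian bytes.
function toBigEndianBytes(value, length) {
  const out = new Uint8Array(length);
  for (let i = length - 1; i >= 0; i--, value >>= 8n) out[i] = Number(value & 0xffn);
  return out;
}
// Reverse the byte order, then drop only the trailing zero padding.
function decodeBlock(bytes) {
  const le = Array.from(bytes).reverse();
  let end = le.length;
  while (end > 0 && le[end - 1] === 0) end--;
  return String.fromCharCode(...le.slice(0, end));
}

function roundTrip(text, blockSize = 64) {   // 64-byte block as on the page
  const cipher = modPow(packLittleEndian(text), E, N);  // textbook RSA, no padding
  const raw = toBigEndianBytes(modPow(cipher, D, N), blockSize);
  return { raw, text: decodeBlock(raw) };
}
```

Unlike `s/\0//g`, `decodeBlock` removes only the zero bytes at the end of the block, so a NUL inside the message survives. Unpadded RSA as used here is deterministic, so equal passwords produce equal ciphertexts.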